Information Security Compliance Manager

Current is a leading consumer fintech platform transforming financial access for everyday Americans with over five million members. We provide access to financial solutions that seamlessly work together to solve the needs of our members and enable all Americans to build better financial futures. Based in NYC, our results-driven environment drives us to build better products, grow faster and empower everyone on our team to have an impact on our business and mission to improve financial outcomes.

With respect to all aspects of information security and consumer data privacy compliance:

• Lead and organize annual controls and process reviews, ensuring ongoing compliance with all relevant frameworks.
• Serve as owner and project manager for audit preparations, including PCI DSS, SOC 2, and relevant aspects of partner bank and third-party audits.
• Maintain and continuously update the Drata evidence library, working with stakeholders to track and collect required artifacts for related testing and audits.
• Execute and oversee internal compliance risk mitigation projects, including but not limited to CCPA/privacy programs, policy drafting, and implementation of new standards.
• Participate in regulatory assessments and risk analyses of infrastructure security; monitor technical compliance vulnerabilities.
• Advise engineers on policy gaps, develop corrective action plans, and ensure implementation of new technical controls.
• Develop and deliver compliance training for infrastructure and dev teams.
• Track findings and remediate audit follow-ups, preparing clear reports for leadership.
• Support third-party and vendor risk assessments, contract reviews, and compliance onboarding.
• Document compliance procedures and produce audit-ready evidence for all major technology changes.

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field.
• Proven experience (6+ years) in technical compliance or audit/project management, ideally within infrastructure, SaaS, or fintech domains.
• Strong knowledge of information security compliance frameworks, especially PCI DSS, SOC 2, CCPA, and bank partner technical audits, as well as regulatory frameworks for the protection of consumer data privacy
• Demonstrated ability to manage multiple concurrent projects and audits with cross-team stakeholders.
• Excellent written and verbal communication skills, with focus on technical documentation and policy language.
• Experience using compliance automation platforms (such as Drata, Vanta, OneTrust) in evidence collection and audit coordination.
• Analytical mindset with strong attention to detail and root-cause analysis skills.
• Understanding of cloud infrastructure, modern IT controls, vendor management, and incident response.
• Familiarity with privacy regulations (CCPA, GLBA / Reg P ) and technical implementation in a regulated environment.
• Ability to problem-solve and propose technical solutions for compliance risks.
• Professional certifications (e.g., CISSP, CISA, CIPP, PCI QSA) a plus. 

This role has a base salary range of $130,000 - $175,000. Compensation is determined based on experience, skill level, and qualifications, which are assessed during the interview process. Current offers a competitive total rewards package which includes base salary, equity, and comprehensive benefits.

BENEFITS

• Competitive salary 
• Meaningful equity in the form of stock options 
• 401(k) plan
• Discretionary performance bonus program 
• Biannual performance reviews
• Medical, Dental and Vision premiums covered at 100% for you and your dependents 
• Flexible time off and paid holidays 
• Generous parental leave policy
• Commuter benefits 
• Fitness benefits
• Healthcare and Dependent care FSA benefit 
• Employee Assistance Programs focused on mental health 
• Healthcare advocacy program for all employees 
• Access to mental health apps 
• Team building activities
• Our modern Chelsea-based office with open floor plan, stocked kitchen, and catered lunches